Talent.com
No longer accepting applications
Security Governance Analyst

Security Governance Analyst

ADMBengaluru, India
1 day ago
Job description

Security Governance Analyst

Position Summary :

This role will report to the Director Security Governance & Awareness within Global Information & Cyber Security as a member of the security governance team to help with governance of the Information Security program and security risks. Together with the Director Security Governance & Awareness, this role will reduce risk by continuously reviewing, refining, and recommending improvements to the Information Security operating model, policies, standards, and processes and provide reporting and recommendations to the CTO, CISO, and senior leadership.

Job Responsibilities :

  • Develop, maintain, evaluate and implement policies and procedures aligned with both business requirements and legislative changes, (i.e. ISO 27001 / 27002, COBIT 5, NIST CSF, NIS2, GDPR).
  • Collaborate with subject matter experts to write policies and standards in line with the ADM Control Framework, based on NIST CSF, ISO 27001 / 27002, SCF (Secure Controls Framework).
  • Lead control assessment activities addressing security and regulatory requirements, engaging appropriate business units and personnel to plan and execute the ADM Control Governance program, documenting gaps / vulnerabilities and driving risk identification and intake.
  • Manage and maintain GICS SharePoint sites for security awareness, policies, standards, training, newsletters and reporting of threats.
  • Implement security policies and standards aligned with enterprise objectives.
  • Collaborate with subject matter experts to align security and compliance requirements with emerging business needs.
  • Participate in the development and implementation of security awareness program training, materials, and events. Develop and deliver content to educate the business about the ADM Control Framework and other organizational programs.
  • Manage Global Information & Cyber Security SharePoint Site, Yammer and Social Chorus, including all security awareness newsletters, videos, promotions, team updates, policies and standards.
  • Develop and communicate guidelines for enterprise security practices.
  • Assist with control design and implementation for the ADM Control Framework, including tracking and reporting progress, security control gaps, and metrics.
  • Proactively identify and collect appropriate and meaningful metrics to be reported in order for the business leaders to make appropriate risk-based decisions.
  • Monitor compliance with security policies and standards across the organization utilizing reporting and metrics, driving process improvement.
  • Compile, review, and analyze security information to provide recommendations, metrics, and reports for management review and decision making.
  • Facilitation and management of security policies, policy exceptions, standards, procedures and guidelines.
  • Document and track requests for variance from standards. Monitor risk mitigation processes and progress until variances are closed.
  • Actively stay aware of processes and methods for identifying and addressing non-compliance to information security standards and communicate the findings clearly to business areas.
  • Collaborate with key business units and capability stakeholders, including, but not limited to, Privacy, IT, Internal Audit, InfoSec, Corporate Security, and HR to develop and improve Information Governance across the enterprise.
  • Establish security metric baselines and generate reports reflecting current performance against those baselines using Power BI.
  • Document narrative summary and analysis of the metrics.
  • Review, track and update company standards for compliance to legal and regulatory requirements. Work with subject matter experts to maintain documentation; modifies or creates new security standards as needed.
  • Monitor compliance with security policies and standards across the organization utilizing reporting and metrics. Drive compliance improvement to processes.
  • Document and track requests for variance from standards. Monitor risk mitigation processes and progress with the clients until variances are closed.
  • Perform functions in a timely manner and with extreme level of attention to detail, urgency and thoroughness.

Job Requirements :

  • BA / BS degree or higher or equivalent experience.
  • Minimum of 4-8 years of experience in security and IT / OT related fields.
  • Experience managing SharePoint sites (web development), posting updates and configuring sites and forms. Basic knowledge and understanding of how information security affects an organization and ability to link it to business processes.
  • Experience with Security Awareness program management and implementation.
  • Basic knowledge and understanding of risk assessment and control methods.
  • Basic knowledge and understanding of end-user computing tools, hardware, application software, network, communications and mobile technologies.
  • Basic knowledge and understanding of information security policies, standards and processes.
  • Basic knowledge of electronic record retention policies and standards.
  • 5 years of regulatory requirements and frameworks such as ISO 27001 / 27002, PCI, CIS CSC, SOX, HIPPA, COBIT, GDPR or NIST Cyber Security Framework (CSF).
  • SANS 401 (can be obtained after employment).
  • 5 years of experience in a GRC discipline. One year of work in a Governance, Risk, Compliance (GRC) function in a highly regulated environment, may substitute for up to 18 months' experience.
  • Proven success implementing security policies, standards, and / or controls.
  • Ability to translate strategy into actionable plans impact organizational change.
  • Familiarity with complex multi-national companies and distributed business models.
  • Ability to work across the organization, building relationships and influencing peers and management through establishing trust and credibility.
  • Applies sound judgment and creativity to solve complex problems.
  • Ability to excel in a rapidly changing environment.
  • Experience in one or more of the following areas preferred : network administration, systems administration, SDLC / secure soft, encryption, asset management, identity and access management, Audit, Governance Risk & Compliance, IT Operations, Security Risk Management.
  • Strong verbal and written communication skills; ability to drive discussions and influence decision making; strong presentation and reporting skills. Proficient in technical writing and leveraging various creative mechanisms to communicate to diverse audiences.
  • Ability to communicate with and create documentation for technical and non-technical audiences.
  • Strong leadership and communications skills.
  • Limited travel required.

    • Desired Skills :

  • Practical experience implementing NIST, ISO, or other industry standards Certifications, such as CISM, CISSP, CISA, or CRISC.
    • Create a job alert for this search

    Security Analyst • Bengaluru, India

    Related jobs
    • Promoted
    Senior Analyst - Cloud Security T500-21293

    Senior Analyst - Cloud Security T500-21293

    MUFGBengaluru, Republic Of India, IN
    Japan’s premier bank, with a global network spanning in more than 40 markets.Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to busin...Show moreLast updated: 16 days ago
    • Promoted
    Senior Analyst Security Governance & Policy

    Senior Analyst Security Governance & Policy

    ConfidentialBengaluru / Bangalore
    Consult in the development, implementation, and maintenance of the Information Security Policy framework.Manage the policy review, update, and approval cycle to ensure timely and effective governan...Show moreLast updated: 21 days ago
    • Promoted
    SuccessFactors Security Analyst

    SuccessFactors Security Analyst

    ADMBengaluru, India
    SuccessFactors Security Analyst.Under general supervision design, implement, and maintain effective methods to protect ADM applications. Use established procedures to assist in the deployment and ma...Show moreLast updated: 3 days ago
    • Promoted
    Security Testing Operations Analyst

    Security Testing Operations Analyst

    London Stock Exchange GroupBangalore, India
    The Security Testing Operations Analyst is a crucial role for the vulnerability management and offensive testing activities across the group to which protects the business from sophisticated cyber ...Show moreLast updated: 10 days ago
    • Promoted
    Security Governance Analyst

    Security Governance Analyst

    ADMBengaluru, India
    This role will report to the Director Security Governance & Awareness within Global Information & Cyber Security as a member of the security governance team to help with governance of the Informati...Show moreLast updated: 3 days ago
    • Promoted
    Senior Analyst - Cyber Secuirty Transition Analyst

    Senior Analyst - Cyber Secuirty Transition Analyst

    MUFG Global Service (MGS)Bengaluru, India
    JOB TITLE : Cyber Security Transition Analyst.Corporate Title : SENIOR ANALYST.Department : Information Security.To ensure a smooth and structured transition of cyber security projects from delivery (...Show moreLast updated: 17 days ago
    • Promoted
    Amagi - Analyst - Governance / Risk & Compliance

    Amagi - Analyst - Governance / Risk & Compliance

    Amagi Media LabsBangalore, India
    This role has been established to support the business in building sustainable governance andcompliance practices at Amagi. The basic factor required to be successful in this role warrants a good un...Show moreLast updated: 29 days ago
    • Promoted
    Cyber Security Governance, Policy and Standards Analyst

    Cyber Security Governance, Policy and Standards Analyst

    ConfidentialBengaluru / Bangalore, India
    Cyber Security Governance, Policy and Standards Analyst.A vacancy exists for a Cyber Security Governance, Policy and Standards Analyst, within Unilever's Cyber Security function.The successful cand...Show moreLast updated: 14 days ago
    • Promoted
    Security Governance Analyst [T500-21516]

    Security Governance Analyst [T500-21516]

    ADMBengaluru, Karnataka, India
    We are one of the world’s largest nutrition companies and a global leader in human and animal nutrition.We unlock the power of nature to provide nourishing quality of life by transforming crops int...Show moreLast updated: 2 days ago
    • Promoted
    Senior Analyst - Cloud Security [T500-21293]

    Senior Analyst - Cloud Security [T500-21293]

    MUFGBengaluru, Karnataka, India
    Japan’s premier bank, with a global network spanning in more than 40 markets.Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to busin...Show moreLast updated: 15 days ago
    • Promoted
    Senior Analyst - Cloud Security

    Senior Analyst - Cloud Security

    MUFG Global Service (MGS)Bengaluru, India
    Japans premier bank, with a global network spanning in more than 40 markets.Outside of Japan, the bank offers an extensive scope of commercial and investment banking products and services to busine...Show moreLast updated: 17 days ago
    • Promoted
    Security Analyst

    Security Analyst

    Quess Corp LimitedBengaluru, Karnataka, India
    Security Analyst / Specialist (Secure by Design Consultant).Pune & Bangalore | Hybrid (2 days / week).We’re looking for an experienced. Technical Security Assessments & Risk Management.Knowledge Cloud...Show moreLast updated: 17 days ago
    • Promoted
    Senior Azure Security Centre Analyst

    Senior Azure Security Centre Analyst

    PwCBengaluru, Karnataka, India
    Senior Azure Security Centre Analyst.Seeking an Azure Security Centre Analyst with proven experience in cloud security operations within the Microsoft Azure ecosystem. Key responsibilities include m...Show moreLast updated: 4 days ago
    • Promoted
    Senior Staff Security Governance & Compliance Analyst

    Senior Staff Security Governance & Compliance Analyst

    ConfidentialBengaluru / Bangalore, India
    Diligent is the AI leader in governance, risk and compliance (GRC) SaaS solutions, helping more than 1 million users and 700,000 board members to clarify risk and elevate governance.The Diligent On...Show moreLast updated: 21 days ago
    • Promoted
    • New!
    Senior Security Analyst (Offensive)

    Senior Security Analyst (Offensive)

    CloudSEKHosur, Tamil Nadu, India
    About the Company We are a bunch of super enthusiastic, passionate, and highly driven people, working to achieve a common goal! We believe that work and the workplace should be joyful and always b...Show moreLast updated: 21 hours ago
    • Promoted
    Security Analyst

    Security Analyst

    ConfidentialBengaluru / Bangalore, Pune
    Good Understanding of technology .Security concept and Risk – Compliance .The ability to identify, assess and manage the risks. CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA o...Show moreLast updated: 19 days ago
    • Promoted
    Azure Security Centre Analyst

    Azure Security Centre Analyst

    PwCBengaluru, Karnataka, India
    Seeking an Azure Security Centre Analyst with proven experience in cloud security operations within the Microsoft Azure ecosystem. Key responsibilities include managing Azure security tools, vulnera...Show moreLast updated: 14 days ago
    • Promoted
    Governance & Administrative Analyst

    Governance & Administrative Analyst

    MUFG Global Service (MGS)Bengaluru, India
    Mitsubishi UFJ Financial Group, Inc.MUFG) is one of the worlds leading financial groups.Headquartered in Tokyo and with over 360 years of history, MUFG has a global network with over 2,700 location...Show moreLast updated: 17 days ago